{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:39456096-e6be-5ec4-b038-e83579fa6520", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.5.11-tuxcare.3", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-transports-http", "version": "3.5.11-tuxcare.3", "purl": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.5.11-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:7eb1085e-d542-5e9b-8add-929c8ebc245f", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:281e3564-8116-567f-93e3-6a9a8626f2e5", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:55b9a005-d750-569f-af8f-8332d5bc4c11", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:94245c4e-7e29-5e25-be40-3c4fbc4ccbba", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:09ac8094-c141-535b-af09-6a6a4075b9f2", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4beb5482-206e-5f64-9b40-3560e6a07754", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5aef5e0e-3607-54da-afb3-8a43873df470", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c5c18b2c-dab3-53a2-8bfd-961432d1fb0b", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:37e634ff-f426-5421-b691-2745ff696929", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d23987f2-c5a3-51a9-8748-52be426903fb", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4624bc30-7003-56dc-88cd-94542d798bf5", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ae1c51d6-2ff1-5360-9494-a4b9af1a3ef9", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3721c117-7edb-5bf7-80c2-e9732830a4f3", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:293d16fd-8331-5cc5-beeb-04dec35eb733", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e5b4ad17-ff4b-53f4-ba09-1003ee18387c", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fd8e25ad-8ed0-5f7a-b047-ff1240eda035", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:54a3c3f9-3dcb-51fd-81c3-1b116e49bce4", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7276dd92-5075-5fc3-b82e-4ad5b0db4698", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:aacc75bd-57a7-5360-b869-1d61322cebbd", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7bb108a9-5370-5842-b277-b1732cad12c4", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:80b12ead-b2d2-5dfd-80bd-a526960551e9", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2fe7493d-faa5-56cf-81fe-3efccc6df700", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8d689a24-d7e1-5ddf-8404-bbba41be869e", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9024ee80-5876-5fee-bbd6-c08bd060ca0a", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:755cfe61-2382-5c6e-9e32-ce2c3437796f", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:902338eb-6ad8-5da9-bad1-4e67365b9d2c", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-transports-http 3.5.11-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2c8abb99-4735-558d-9485-0f17f1e03023", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5534f46b-eb60-5ee2-aac1-a6203dcfc21f", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-rt-transports-http 3.5.11-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7d28c8de-ad9e-599d-b028-2b2e795ec676", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:17cf1ea1-6d19-5fc6-81d9-4a786582b7ef", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-transports-http 3.5.11-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3c8b57be-1a57-583a-ad65-c74d53ecfdd2", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9d25bbb1-1885-583d-93cf-9a9abd24bd0c", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.5.11-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.5.11-tuxcare.3" } ] }